WebApp Sec mailing list archives

WASC Announcement: 2007 Web Application Security Statistics Published


From: statistics () webappsec org
Date: Mon, 8 Sep 2008 15:13:45 -0400 (EDT)


The Web Application Security Consortium (WASC) is pleased to announce
the WASC Web Application Security Statistics Project 2007. This
initiative is a collaborative industry-wide effort to pool together
sanitized website vulnerability data and to gain a better understanding
about the web application vulnerability landscape.

Goals
1. Identify the prevalence and probability of different vulnerability classes
2. Compare testing methodologies against what types of vulnerabilities they 
   are likely to identify.

The statistics were compiled from web application security assessment projects
which were made by the following companies in 2007 (in alphabetical order):

- Booz Allen Hamilton
- BT
- Cenzic with Hailstorm and ClickToSecure
- dblogic.it
- HP Application Security Center with WebInspect
- Positive Technologies with MaxPatrol
- Veracode with Veracode Security Review
- WhiteHat Security with WhiteHat Sentinel

The overall statistics include analysis results of 32,717 sites and
69,476 vulnerabilities of different degrees of severity. The detailed
information can be found here:

http://www.webappsec.org/projects/statistics/

If you represent an organization that performs vulnerability assessments
on websites, particularly those in custom web applications, through a
manual or automated process and would like to participate, please let us
know. Please contact Sergey Gordeychik (statistics () webappsec org).

Regards,
- statistics () webappsec org
http://www.webappsec.org/ The Web Application Security Consortium
